Software Asset Management: Why It Makes Security Sense

February 26, 2015
| |
2 min read

Eighty-five percent. That’s the number of organizations that are “accidental” software pirates, meaning they use more software than they paid for, according to a recent International Data Corporation study. A similar study by IBM and Information Week revealed that 70 percent of organizations have undergone a software audit in the past 12 months — or expect one to occur. Of these organizations, almost one-third have been audited two or more times.

Three-Pronged Security and Software Asset Management

“Describing software asset management (SAM) as complex is an understatement,” said Michael Sarna of IBM. “You have pressures from the industry side — such as complex software licensing models and metrics — as well as challenges from the client side, like IT budget pressures and financial risk associated with unlicensed use.”

The following are three questions Sarna said he thinks organizations should be able to answer:

  1. What do we own?
  2. What are we using?
  3. What do we need?

How does SAM relate to keeping your data secure? According to Sarna, it’s common sense.

“As cybersecurity escalates, so does your software management responsibility,” he said. “Unpatched holes in your software present a perfect opening for costly and disruptive security breaches. But patching your software properly means you need to know where your software is deployed, in which versions, how it’s being used and by whom and whether or not patches have already been provisioned.”

IBM’s Danna Rother joined Sarna in the presentation and said she feels that although he is correct in his assessment of the complexities, there are great benefits organizations can yield from properly instituting a SAM strategy.

“The upside of a proper SAM strategy is centered around three primary areas,” Rother said. “Operational benefits, like information security and business continuity; risk mitigation, which can limit your exposure to unexpected costs as a result of a failed audit; and financial benefits like understanding what you’re currently using today.”

Michael Sarna and Danna Rother from IBM are joined by Rick Davenport and Barry Le Cornu from Allstate at IBM InterConnect.

Software in Good Hands

Rick Davenport and Barry Le Cornu of Allstate Insurance echoed sentiments from Sarna and Rother at IBM InterConnect.

“Allstate committed to putting a strong software asset management program in place in 2012,” Davenport said. “It’s helped us continually improve our ability to manage our software licenses, [reduce] our compliance risk and will eventually enable us to optimize our software spend. And now that we know what we’ve deployed and where, we’re better positioned to find any unpatched holes in our systems and keep our corporate data protected.”

If you want to learn more about how to improve your software audit posture and keep your data safe and secure, explore a software asset management solution for your office with IBM Unified Endpoint Management™.

Image Source: iStock

Mitch Mayne
Public Information Officer, IBM X-Force Threat Intelligence

Mitch is the Public Information Officer (PIO) for IBM Security X-Force Threat Intelligence, and is responsible for how IBM X-Force communicates both internal...
read more

Banner ad leading to the Cost of a Data Breach Report for 2020.
Banner ad leading to the Cost of a Data Breach Report for 2020.
Your browser doesn’t support HTML5 audio
Press play to continue listening
00:00 00:00